[Git][security-tracker-team/security-tracker][master] add NOTEs with links to fixes

[Thorsten Alteholz]

Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4d1c7983 by Thorsten Alteholz at 2019-03-29T14:00:05Z
add NOTEs with links to fixes

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -855,14 +855,26 @@ CVE-2019-9899
 	RESERVED
 CVE-2019-9898 (Potential recycling of random numbers used in cryptography exists with ...)
 	- putty 0.70-6
+	NOTE: https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-rng-reuse.html
+	NOTE: https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=320bf8479ff5bcbad239db4f9f4aa63656b0675e
 CVE-2019-9897 (Multiple denial-of-service attacks that can be triggered by writing to ...)
 	- putty 0.70-6
+	NOTE: https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-terminal-dos-one-column-cjk.html
+	NOTE: https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=03777723e553024e94d8bfcf182f3a2e92ffb914
+	NOTE: https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-terminal-dos-combining-chars-double-width-gtk.html
+	NOTE: https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=daf91ef8ae9780bb1dfb534afa79e4babb89ba26
+	NOTE: https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-terminal-dos-combining-chars.html
+	NOTE: https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=da1c8f15b1bc14c855f0027cf06ba7f1a9c36f3c
 CVE-2019-9896 (In PuTTY versions before 0.71 on Windows, local attackers could hijack ...)
 	- putty <not-affected> (Only affects PuTTY specific on Windows)
 CVE-2019-9895 (In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer o ...)
 	- putty 0.70-6
+	NOTE: https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-fd-set-overflow.html
+	NOTE: https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=5c926d9ea4a9e0a0a2384f06c7583648cdff3ed6
 CVE-2019-9894 (A remotely triggerable memory overwrite in RSA key exchange in PuTTY b ...)
 	- putty 0.70-6
+	NOTE: https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-rsa-kex-integer-overflow.html
+	NOTE: https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=d82854999516046122501b2e145099740ed0284f
 CVE-2019-9892
 	RESERVED
 CVE-2019-9891



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4d1c79831c74dc54d3f94107f0aad5f661ca45a6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4d1c79831c74dc54d3f94107f0aad5f661ca45a6
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190329/029730ba/attachment.html>